I’m trying to use a docker honeypot from Github.
As per the instructions, I did set it up on an Ubuntu 16.04 VM so that I could test it out and play with it locally. There also don’t seem to be any firewall issues occurring here as I can SSH into the VM from my host without issue.
The problem is that it seems the whaler_victim container doesn’t seem to be reachable via TCP:2375. As per the logs I’m seeing for the honeypot.
2020-02-19 22:32:17,867 - DEBUG - connectionpool - Starting new HTTP connection (26): whaler_victim:2375 2020-02-19 22:32:17,868 - WARNING - VictimContainer - VictimContainer: Lost connection, retrying in 10s...[HTTPConnectionPool(host='whaler_victim', port=2375): Max retries exceeded with url: /v1.35/events (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f9cebc76690>: Failed to establish a new connection: [Errno 111] Connection refused',))]
There is an EXPOSE directive in the Dockerfile and I can see the container listening when running a docker ps.
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES 48cd82f60e5c whaler/capture "/app/wrapper.sh -U …" 4 minutes ago Up 4 minutes whaler_capture f47899d96703 docker:stable-dind "dockerd-entrypoint.…" 4 minutes ago Up 4 minutes 0.0.0.0:2375->2375/tcp, 2376/tcp whaler_victim edccb00ffa2b whaler/reporting "/bin/sh -c /run.sh" 19 minutes ago Up 4 minutes 0.0.0.0:80->80/tcp whaler_reporting
On the VM, I don’t have anything listening on 2375 so I expect that when I test this out by running docker -H=VMIPADDRESS run hello-world I would see the hello world container run but I’m getting the can’t connect error.
I am new to docker but I’m at my wit’s end for what else to check for to get this running. Could someone please provide some advice on how to get this up and running again?